Paris Lundis wrote: > > God forgive any Schmoe who runs their SQL server on a direct net > connected box ...
Sometimes you have little choice. If your university has 3 /16's and people have mobile workplaces with IP addresses from all over them leaving all 3 /16's open to the server is pretty much your only choice. Then throw in a few CS students [1] running unpatched MS SQL Server installs in their dorms within those 3 /16's and suddenly the vector is inside your own network. You don't always have as much control over your network as you would like. Jochem [1] Amazingly enough all MS SQL Servers here that were run by non-CS students were properly secured (or at least didn't show any confirmed infections). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
